Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e39362e302f32302d3230203d3e2030.roa
File: 3134382e3133352e39362e302f32302d3230203d3e2030.roa (raw, json)
Hash identifier: hhdtfumdOs18fkmzo13g0+Ofq6ebs4gO0R6MzihMRXU=
Subject key identifier: 59:41:8D:5C:5A:B1:B1:E2:CA:02:2B:C9:9B:0F:91:53:DB:DE:B3:9C
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 509B47CFDD68742EDDB36C8A882A504D2FC958AE
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e39362e302f32302d3230203d3e2030.roa
Signing time: Fri 03 Feb 2023 09:18:40 +0000
ROA not before: Fri 03 Feb 2023 09:13:40 +0000
ROA not after: Fri 02 Feb 2024 09:18:40 +0000
asID: 0
IP address blocks: 148.135.96.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:9b:47:cf:dd:68:74:2e:dd:b3:6c:8a:88:2a:50:4d:2f:c9:58:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 3 09:13:40 2023 GMT
Not After : Feb 2 09:18:40 2024 GMT
Subject: CN=59418D5C5AB1B1E2CA022BC99B0F9153DBDEB39C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:07:f1:c2:31:21:c3:36:cb:64:fb:f2:f6:6b:
49:c3:7d:b3:30:65:54:02:16:ca:67:e0:d1:d6:49:
53:30:19:21:31:81:1a:19:fd:e5:9e:67:d9:23:90:
68:d1:e9:5c:58:83:7a:19:16:44:0a:c9:50:a6:1c:
f0:20:8c:a6:f1:97:74:0a:f2:f7:42:ac:40:96:08:
99:3b:67:74:66:74:8e:84:79:43:19:2f:fa:02:53:
3c:86:4f:25:1e:bd:7f:95:70:e1:60:72:c0:e6:be:
a5:f7:40:f9:c7:45:39:4a:84:cf:48:8c:1b:7d:06:
fe:23:0f:3c:ca:7a:cb:ba:92:d3:c6:32:70:00:a9:
04:e7:7e:ee:46:e6:a1:b7:36:c0:d9:f1:9e:1c:cb:
f6:fe:9d:42:08:53:8c:06:ec:86:63:aa:50:50:7b:
c0:75:4b:fe:50:2d:be:97:bf:58:06:04:26:ea:39:
7e:e0:48:63:a7:f1:58:d8:99:9a:b6:11:7b:e1:5d:
2a:87:f1:73:3e:cf:fd:ae:59:0c:2d:f5:6e:49:9e:
bd:00:5e:f7:c5:59:6d:de:dd:d8:e2:e2:49:b0:15:
0a:ab:a4:08:04:4b:e9:11:fd:32:01:97:79:fd:f3:
74:38:df:aa:d4:04:0f:03:c1:63:21:a4:76:9e:15:
83:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:41:8D:5C:5A:B1:B1:E2:CA:02:2B:C9:9B:0F:91:53:DB:DE:B3:9C
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e39362e302f32302d3230203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.135.96.0/20
Signature Algorithm: sha256WithRSAEncryption
b5:8a:c0:d9:14:0b:dc:00:74:31:e0:f8:2d:0f:3a:dc:77:a6:
f0:c7:df:3b:3b:40:c0:c1:de:4d:94:2a:fe:77:e5:53:f1:90:
83:71:3a:f1:1c:5e:36:d7:ed:59:13:69:67:48:44:99:24:ef:
a7:e8:bd:2c:21:0f:ec:c0:b2:1d:40:68:e8:55:a0:ee:a0:75:
35:c6:f9:ca:16:aa:ad:33:1c:32:3f:17:b4:c8:2e:fb:27:4d:
f4:e0:3f:ef:3f:99:b2:f0:78:eb:e5:03:45:54:68:4d:a6:69:
92:b2:49:e3:78:6a:d9:55:9c:fd:9d:56:d0:0a:11:e9:fa:94:
9a:b3:64:91:d6:39:53:8a:db:7b:9b:d2:dd:78:ad:45:21:ee:
ed:88:04:29:e8:f1:b5:33:f9:cf:73:e9:5a:92:02:91:0b:81:
4b:ab:15:91:f0:c6:3f:16:29:14:3f:a0:8e:ad:d8:60:1d:8e:
8a:70:2d:45:bd:72:64:8d:40:04:90:b6:c6:7e:82:3a:da:b6:
ef:6f:1c:89:d0:b1:d3:04:48:ff:98:03:b7:62:67:5f:d2:ea:
77:93:18:95:cc:4a:79:18:37:79:fb:22:a6:5e:4f:67:e3:db:
97:ff:ab:ff:90:ca:7a:f3:76:c5:5c:d4:aa:fe:61:29:aa:86:
08:99:02:b9
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUUJtHz91odC7ds2yKiCpQTS/JWK4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yMzAyMDMwOTEzNDBaFw0yNDAyMDIwOTE4NDBaMDMxMTAvBgNV
BAMTKDU5NDE4RDVDNUFCMUIxRTJDQTAyMkJDOTlCMEY5MTUzREJERUIzOUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNB/HCMSHDNstk+/L2a0nDfbMw
ZVQCFspn4NHWSVMwGSExgRoZ/eWeZ9kjkGjR6VxYg3oZFkQKyVCmHPAgjKbxl3QK
8vdCrECWCJk7Z3RmdI6EeUMZL/oCUzyGTyUevX+VcOFgcsDmvqX3QPnHRTlKhM9I
jBt9Bv4jDzzKesu6ktPGMnAAqQTnfu5G5qG3NsDZ8Z4cy/b+nUIIU4wG7IZjqlBQ
e8B1S/5QLb6Xv1gGBCbqOX7gSGOn8VjYmZq2EXvhXSqH8XM+z/2uWQwt9W5Jnr0A
XvfFWW3e3dji4kmwFQqrpAgES+kR/TIBl3n983Q436rUBA8DwWMhpHaeFYObAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUWUGNXFqxseLKAivJmw+RU9ves5wwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDM4MmUzMTMzMzUyZTM5
MzYyZTMwMmYzMjMwMmQzMjMwMjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBJSHYDANBgkq
hkiG9w0BAQsFAAOCAQEAtYrA2RQL3AB0MeD4LQ863Hem8MffOztAwMHeTZQq/nfl
U/GQg3E68RxeNtftWRNpZ0hEmSTvp+i9LCEP7MCyHUBo6FWg7qB1Ncb5yhaqrTMc
Mj8XtMgu+ydN9OA/7z+ZsvB46+UDRVRoTaZpkrJJ43hq2VWc/Z1W0AoR6fqUmrNk
kdY5U4rbe5vS3XitRSHu7YgEKejxtTP5z3PpWpICkQuBS6sVkfDGPxYpFD+gjq3Y
YB2OinAtRb1yZI1ABJC2xn6COtq2728cidCx0wRI/5gDt2JnX9Lqd5MYlcxKeRg3
efsipl5PZ+Pbl/+r/5DKevN2xVzUqv5hKaqGCJkCuQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:54 2024 by rpki-client on console-ams.rpki-client.org